A Bitcoin Core researcher, James Hilliard, has discovered a new bug in the firmware code of the S15 miners, the most powerful Bitmain SHA256 miners.
Whereas 00whiterabbit has compiled the code that activates the bug just to demonstrate that the discovery is real and is easily exploitable to do virtually anything one wants, such as changing bitcoin addresses, shutting down the miners or replacing the firmware with others (Braiins OS or Dragonmint).
Both Hilliard and 00whiterabbit did not release any information or parts of the code needed to exploit this bug, in part because they first offered to disclose it to Bitmain only on the condition that Bitmain meets the GNU General Public License (GNU GPL), forcing the Chinese company to comply with it and open source the firmware code of the S15 miners affected by the bug.
For the moment Bitmain has not commented on this and their firmware code is still private, however, they will soon have to make a decision because, if the data is published, the bug could be exploited by anyone and the company could have major problems.
